<?php
        session_start();
        require_once("../include/db_info.inc.php");
        require_once("discuss_func.inc.php");
	
	$tid = intval($_REQUEST['tid']);
	$cid=pdo_query("select cid from topic where tid=?",$tid)[0][0];
        if ($_REQUEST['target']=='reply'){
                $rid = intval($_REQUEST['rid']); 
                $stat = -1;
                if ($_REQUEST['action']=='resume') $stat = 0;
                if ($_REQUEST['action']=='disable') $stat = 1;
                if ($_REQUEST['action']=='delete') $stat = 2;
                if ($stat == -1) err_msg("Wrong action.");
                $rid = intval($rid);
                $sql = "update reply SET status =? WHERE `rid` = ?";
                if (!isset($_SESSION[$OJ_NAME.'_'.'administrator'])){
                        if ($stat!=2){ 
				$sql.=" and ?!=''";
				err_msg("<a href=\"../loginpage.php\">Please Login First</a>");
                        }else{ 
				$sql.=" AND author_id=?";
			}
                	pdo_query($sql, $stat,$rid,$_SESSION[$OJ_NAME.'_'.'user_id']);
                }else{
			echo "$sql";
                	pdo_query($sql, $stat,$rid);
		}
		header('Location: thread.php?tid='.$tid."&cid=$cid");
		exit();
        }
        if ($_REQUEST['target']=='thread'){
                $tid = intval($_REQUEST['tid']);
                $toplevel = -1; $stat = -1;
                if ($_REQUEST['action']=='sticky') 
                        if(array_key_exists('level',$_REQUEST)&&is_numeric($_REQUEST['level']) &&$_REQUEST['level']>=0 &&$_REQUEST['level']<4)
                                $toplevel = intval($_REQUEST['level']);
                        else
                                err_msg("Invalid sticky level.");
                if ($_REQUEST['action']=='resume') $stat = 0;
                if ($_REQUEST['action']=='lock') $stat = 1;
                if ($_REQUEST['action']=='delete') $stat = 2;
                if (!isset($_SESSION[$OJ_NAME.'_'.'administrator']))
                        errmsg("<a href=./loginpage.php>Please Login First</a>");
                if ($toplevel == -1 && $stat == -1)
                        errmsg("Wrong action.");
                $tid =intval($tid);
                if ($stat == -1) 
                        $sql = "UPDATE topic SET top_level = $toplevel WHERE `tid` = '$tid'";
                else $sql = "UPDATE topic SET status = $stat WHERE `tid` = '$tid'";
               
                if ( pdo_query($sql) >0) {
                        if ($stat!=2) header('Location: thread.php?tid='.$tid."&cid=$cid");
                        else header('Location: discuss.php'."?cid=$cid");
                }
                else {
                        errmsg( "The thread does not exist.");
                        exit(0);
                }
        }
?>
